Multi-Factor Authentication — Better Cloud Security

Secure access to your corporate VPN and WiFi, G Suite, Office 365, Salesforce.com, and thousands of cloud applications with a second authentication factor beyond username and password. In the event that someone steals a user’s credentials, the addition of a one-time passcode token is a significant barrier to prevent intruder access. OneLogin Protect is available for Android, Android Wear, Apple iOS, and Apple watchOS.

Unparalleled Usability — The Login Process

OneLogin Protect’s OTP generator removes friction from multi factor authentication (MFA) by letting users simply respond to a push notification on their smartphone or watch during the login process. The OneLogin Protect OTP (one-time password) is sent through your phone to OneLogin where it is validated and then the user is logged in. If the user’s mobile device is not connected to the Internet, the user can enter the one-time password on the OneLogin App Portal. As soon as OneLogin receives a valid one-time password, the user is logged in.

Easy Roll-Out

First, users install the OneLogin Protect OTP mobile app, available on the Apple and, Android app stores. Then users sign into OneLogin App Portal and follow instructions to register their mobile app instance with their OneLogin account. Once registered, the user can provide a valid one-time password when signing into OneLogin.

Algorithm

OneLogin Protect’s OTP solution is based on RFC 6238 — A Time-Based One-Time Password Algorithm (TOTP) , which was designed by VeriSign, Symantec, and others. The RFC describes how two endpoints with synchronized clocks can exchange a secure one-time password based on the HMAC algorithm. One-time passwords are valid for 30 seconds, but the implementation of the algorithm is able to tolerate some time drift on the mobile device in order to increase reliability of the solution.